#
# AuthCookieHandler.pm
#
# Copyright (C) 2004 Paradigm Services, Inc. All Rights Reserved
#
# $Id: AuthCookieHandler.pm 907 2006-05-19 17:39:37Z bill $
#

package LsL::AuthCookieHandler;

use strict;
use base qw(Apache2::AuthCookie);
use Apache2::URI ();
use Digest::SHA1;

my $secret = 'adsfjweovnxo23950#%*@0jfsm';

sub authen_cred {
  my $self = shift;
  my $r = shift;
  my ($username, $password) = @_;

  my %in = map { Apache2::URI::unescape_url($_) } split /[=&;]/, $r->args;

  my $userid = LsL::Auth::user_login( {'user'   => $username,
                                        'passwd' => $password,
                                        'ccode'  => $in{'para.ccode'},
                                        'digest' => $in{'para.digest'},
                                        'magic'  => $in{'para.magic'},});
                                        
  if ($userid) {
    my $session_key = LsL::Auth::gen_key({'userid' => $userid,
                                           'secret' => $secret,});

    return undef unless $session_key;

    return undef unless
      LsL::Auth::new_session( {'session_key' => $session_key,
                                'userid'      => $userid} );
    return $session_key;
  }
}

sub authen_ses_key {
  my $self = shift;
  my $r = shift;
  my $session_string = shift;

#print STDERR "authen_ses_key: (CHECK: " . $$ . ") $session_string\n";

  my %in;

  $r->args && do {
    %in = map { Apache2::URI::unescape_url($_) } split /[=&;]/, $r->args;
  };

  # validate session (timeout, munge check, su, etc)
  my ($userid, $su_userid, $entity_id, $cis_entity_id, $cis_entity_type) = LsL::Auth::check_key($session_string, $secret, \%in);

  return undef unless $userid;
  
#print STDERR "authen_ses_key: (KEY CHECK OK: " . $$ . ") $session_string\n";

  # set user
  return undef unless LsL::User::set_user( $session_string, $userid, $entity_id, $cis_entity_id, $cis_entity_type );

#print STDERR "authen_ses_key: (SET USER OK: " . $$ . ") $session_string\n";

#print STDERR "authen_ses_key: (DONE: " . $$ . ") $session_string\n";

  return $session_string;

#  $session_cache ||=
#    Cache::FileCache->new( { namespace  => 'Paradigm-Session',
#                             cache_root => '/tmp/sessions',
#                             default_expires_in  => 60 * 60 * 24, # 1 day
#                             auto_purge_interval => 60 * 60 * 24, # 1 day
#                             auto_purge_on_set => 1 } );
#
#      my ($key_check, $session_key) = split /::/, $session_string;
#
#      return undef unless $session_key;
#
#      my $key_data = $session_cache->get( $session_string );
#
#      if ( Digest::SHA1::sha1_base64( $key_data->{'user'}, $secret ) eq $key_check ) {
#          #AlbacoreW::Data::check_add($userid);
#          unless ( $key_data->{'timeout'} ) {
#            return undef if $key_data->{'time'} < time;
#          }
#          $key_data->{'time'} = time + $LsL::TIMEOUT;
#    $session_cache->set( $session_string, $key_data );
#      }
}
1;
